Fraud Examination Considerations in China: An Excerpt from the ACFE's International Fraud Handbook


Business operations – and frauds – now routinely span geographical borders, requiring new knowledge and skill sets for those attempting to prevent, detect, and investigate white-collar crimes. As the fraud examination profession has grown globally and the fight against fraud has grown more complex, the need for information and professional connection has never been greater.

It is out of this need, demonstrated by the numerous and increasing requests that the ACFE receives every year for resources to assist in this international effort, that the inspiration for the ACFE's new International Fraud Handbook arose. The foundation for effectively addressing fraud against organizations – the tools of the trade used to prevent, detect, and respond to these crimes – look about the same throughout most of the world. However, important geographical nuances and considerations exist. Consequently, the handbook provides detailed information regarding fraud examination for more than 35 countries throughout the world, contributed by ACFE members who work in those nations.

Below is a small excerpt from the handbook, which details the special considerations for investigating fraud in China:

"China Contributors
Edward J. Epstein, LLB, LLM
Caoyu Xu

Sources of Information

1. What types of information about individuals are available to the public?
Certain personal credit failure records are publicly available, such as judgment debtors in default. Some litigation and regulatory records are also available online, such as parties to civil cases, some judgments and business registration information (e.g., shareholdings and directorships).

2. What types of information about businesses are available to the public?
Generally, business registration information is publicly available, including business scope, registered capital, shareholdings, directors and officers, registration dates, and past registration changes. All business registration authorities operate online databases, but there is no central registry and the information available varies.

3. Are court records available to the public? If so, explain what types of civil and criminal records can be obtained by the public.
For civil cases, most national-, provincial-, and municipal-level court records are available online, but they are usually incomplete. Criminal records are not available to be searched, but they are frequently published in the media.

4. What other resources or types of information are regularly used by investigators in your country?
Proprietary databases storing personal and corporate information are used by investigators (See response to Question 5).

5. What are some of the most useful Internet or online sources regularly used in fraud investigations?
The websites Qichacha ( and Tianyancha ( are often used for business information. Other sites are used for personal credit failure checks. Business information is also collected by local registries. Most registries have search capabilities for basic information, such as the names of officers, directors, and shareholders. Lawyers can obtain additional information by searching the physical records, but sometimes a court order is required.

Legal and Regulatory Environment

6. What are the major data privacy laws in your country, and how do these affect most fraud investigations?
China’s Cybersecurity Law, which took effect on June 1, 2017, is now the country’s primary data privacy law. It contains legal requirements for the collection, use, and protection of electronic personal information. Before the Cybersecurity Law, the legal protection of personal data was spread among a vast number of laws and regulations relating to different types of personal data, such as real estate ownership records, business information, telecommunications data, and data concerning personal identity and cross-border movements. These laws and regulations are still in force, but some of their provisions have been subsumed by the Cybersecurity Law when data is obtained or stored by electronic means. Like the EU’s General Data Protection Regulation, China’s Cybersecurity Law generally requires informed consent by data subjects, mandates data security, and limits cross-border transfers of personal information. The law also requires personal information collected by “critical information infrastructure operators” to be stored in China."

Read more about the ACFE's new International Fraud Handbook and order your copy today on